10.0.3.1(H563Sp21C233)

CVSS 7.0 - HIGH

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

HIGH

network

high complexity

huawei

NVD

Published: 2020-08-17

Updated: 2021-07-21

Summary

Huawei 5G Mobile WiFi E6878-370 with versions of 10.0.3.1(H563SP1C00),10.0.3.1(H563SP21C233) have an improper authorization vulnerability. The device does not restrict certain data received from WAN port. Successful exploit could allow an attacker at WAN side to manage certain service of the device.

Vulnerable Configurations

Part	Description	Count
OS	Huawei Huawei E6878 370 Firmware 10.0.3.1\(H563Sp1C00\) Huawei E6878 370 Firmware 10.0.3.1\(H563Sp21C233\)	2
Hardware	Huawei Huawei E6878 370 -	1

References

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200812-01-auth-en